Everything you need to know about ransomware and cyber extortion

Ransom refers to some kind of payment that is demanded in exchange for the release of someone or something that has been taken. It is a simple, yet effective method that has been used by criminals for thousands of years.

The dynamics of ransom are not difficult to understand: I take something important to you, and you pay me to give it back.

Today, criminals are applying these ancient approaches to modern technologies. Ransomware is one of the areas of cybercrime that is growing at an exceptional speed. But what is ransomware? It is malicious software that is specifically designed to take control of a computer system or its data and hold it hostage so the attackers can demand payment from the victims. Although ransomware used to only target PCs, it has now migrated to mobile platforms as well.

 Some public disclosures involving demands for ransom include:

   o   The town of Greenland, New Hampshire lost eight years’ worth of data when it fell victim to a ransomware known as CryptoLocker.

   o   A brokerage and investment advisory firm exposed data related to some 430 New Hampshire residents from a ransomware called CryptoWall.

   o   Domino’s Pizza in France and Belgium was put in a vulnerable position when the personal information (including pizza toppings) of 650 000 customers was compromised.  The hackers demanded 30 000 euros in exchange for now disclosing the information.

It seems like cyber criminals continue to move faster than the tech industry’s ability to create new jargon to describe it. In practical terms, it shows that we should also be aware of another ancient and effective exploit: extortion. Extortion is the crime of taking money from another party by using threat or force.

The dynamics of extortion are not difficult to understand either: I cause, or threaten to cause, you harm and you pay me to stop.

To protect against ransomware, now is the perfect time for organisations to remind themselves of some basic best practices:

   o   Back up your data regularly

      o   Ensure that your endpoints and servers are patched and up-to-date

      o   Deploy appropriate endpoint protection

      o   Regularly make end users aware of safe email and web browsing practices

Preventing ransomware and cyber extortion isn’t successful 100% of the time, so it makes sense to be capable of detecting and responding to incidents more quickly when they do occur.

Are you a victim of ransomware or cyber extortion - contact The Computer Guyz in Cape Town or Centurion and we can be of service to you!